This job contributes to Starbucks success though the design, development and implementation of red team tools and engagements with the goal to improve detection, strengthen defenses, improve response strategies, and drive improvement in the overall cybersecurity program. Delivering a program of adversary-based assessments that emulates threat actors, testing and validating of existing security controls that include both announced and unannounced tests. In concert with other GCS (Global Cybersecurity Services) teams, plans and executes on sanctioned engagements which generate vulnerability reports and works with application / system owners to present the results and where appropriate advise on remediation steps.
Models and acts in accordance with Starbucks guiding principles.
Summary of Key Responsibilities
· Develop, document, and operationalize tactics, techniques, tools, and procedures that model the behaviors of external threat actors.
· Plan and execute on sanctioned engagements which generate vulnerability reports and works with application / system owners to present the results and where appropriate advise on remediation steps.
· Act as a subject matter expert for the red team.
· Collaborate with other stakeholders and GCS (Global Cybersecurity Services) teams.
· Define and maintain a set of standard operating procedures and rules of engagement for red team operations.
· Build, develop, and maintain a world class red team.
· 10+ years of experience working in an information technology discipline.
· 4+ years of hands-on penetration testing / red team experience.
· Broad experience across multiple IT domains.
· Advanced knowledge of application and network security vulnerabilities.
· Experience with offensive tools and platforms.
· Excellent problem-solving abilities.
· Excellent written and verbal communication skills.
· Acts with integrity and dependability.
· Proven ability to thrive in ambiguity.
· Certifications such as OSCP, OSWE, GPEN, CEH, or others focused on offensive security.
To apply for this job please visit itjobpro.com.